Simply use PBKDF2.outputLength = 16

author: Igor Pashev <pashev.igor@gmail.com> 2015-11-08 19:00:25 +0300
committer: Igor Pashev <pashev.igor@gmail.com> 2015-11-08 19:00:25 +0300
commit: 44cc38c856968e6b2d619540591863ae13de9bf0 (patch)
tree: 96332f38e37011af0674dfa6aa8641903efa1235 /src/Web/ZeroBin
parent: 56115491d0dce58bf06f92fd5022363eb05a3755 (diff)
download: zerobin-44cc38c856968e6b2d619540591863ae13de9bf0.tar.gz
1 files changed, 3 insertions, 8 deletions
diff --git a/src/Web/ZeroBin/SJCL.hs b/src/Web/ZeroBin/SJCL.hs
index 66f8e29..faa2db0 100644
--- a/src/Web/ZeroBin/SJCL.hs
+++ b/src/Web/ZeroBin/SJCL.hs
@@ -36,16 +36,11 @@ instance JSON.ToJSON Content where
 makeCipher :: ByteString -> IO AES256
 makeCipher = throwCryptoErrorIO . cipherInit
 
--- SJCL uses PBKDF2-HMAC-SHA256 with 1000 iterations, 32 bytes length,
--- but the output is truncated down to 16 bytes.
 -- https://github.com/bitwiseshiftleft/sjcl/blob/master/core/pbkdf2.js
--- TODO: this is default, we can specify it explicitly
---       for forward compatibility
+-- TODO: this is default, we can specify it explicitly for forward compatibility
 makeKey :: ByteString -> ByteString -> ByteString
-makeKey pwd slt = BS.take 16 $ PBKDF2.generate (prfHMAC SHA256)
-  PBKDF2.Parameters {PBKDF2.iterCounts = 1000, PBKDF2.outputLength = 32}
-  pwd slt
-
+makeKey = PBKDF2.generate (prfHMAC SHA256)
+  PBKDF2.Parameters {PBKDF2.iterCounts = 1000, PBKDF2.outputLength = 16}
 
 chunks :: Int -> ByteString -> [ByteString]
 chunks sz = split
author	Igor Pashev <pashev.igor@gmail.com>	2015-11-08 19:00:25 +0300
committer	Igor Pashev <pashev.igor@gmail.com>	2015-11-08 19:00:25 +0300
commit	44cc38c856968e6b2d619540591863ae13de9bf0 (patch)
tree	96332f38e37011af0674dfa6aa8641903efa1235 /src/Web/ZeroBin
parent	56115491d0dce58bf06f92fd5022363eb05a3755 (diff)
download	zerobin-44cc38c856968e6b2d619540591863ae13de9bf0.tar.gz